Cyber Spies Go Mainstream

Uploaded on 2017-05-12 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Production-Manufacturing

Cyber espionage appears to have hit the mainstream, dominated by state-sponsored operatives and taking the slot as most popular attack method in the public sector, education and manufacturing industries, according to Verizon.

The firm’s much anticipated 2017 Data Breach Investigations Report revealed that one in five (21%) breaches were related to espionage: that’s a total of 289 over the report period, more than 90% of which were state-backed.

The fruits of these efforts have been widely reported in recent months, most notably the Kremlin’s attempts to influence the outcome of the US presidential election by hacking and then leaking sensitive Democratic Party officials’ emails.

This week, Trend Micro claimed that a group allied to Russia’s interests, known as APT28, Pawn Storm and Fancy Bear, had also registered phishing emails to target the campaign of French presidential Emmanuel Macron.

“The proportion of attacks motivated by the state is still on the rise, and these hackers are becoming more aggressive each year,” Verizon managing principal of investigative response, Laurance Dine, told Infosecurity Magazine.

“The report reveals that state-affiliated actors were responsible for a quarter of its recorded phishing attacks, almost three times as many compared to the 2016 DBIR, where they were responsible for just 9% of phishing attacks.”

Phishing has become a hugely successful tactic overall, present in a fifth (21%) of attacks, up from just 8% last year.

Linked to that stat is another that organizations should take note of: 81% of hacking-related breaches succeed through stolen, weak or easy-to-guess passwords.

It’s clear that staff training on how to spot phishing, combined with a move away from password-based authentication to multi-factor systems, should be encouraged.

Overall, the volume of breaches and stolen records has risen sharply in recent years. Just four million records were lost in 2011, whereas this year’s report covered 1945 breaches including 20 where over a million records were lost.

Financially motivated attacks dominated the breaches analyzed by Verizon, accounting for 73%.

Dine recommended layered security as a key strategy to mitigate the risks posed by an increasingly agile and determined enemy.

“With a lot of espionage attacks, hackers want to have access for as long as possible without being detected. They get into the network, do some foot-printing and scanning, see what they can get, and can stay under the radar by piggybacking off normal activity. This means hackers can just get one code to the backdoor and they get the keys to the kingdom,” he explained.

“Our advice would be to only give people privileges to certain parts of the network that they actually need to do their job. It is also important to have network monitoring to identify any unusual activity, so that if a hacker has gained access then they can be detected. 

“Monitor outbound traffic to see if anyone is making connections that they have no logical reason to be making, if people are doing things they have nothing to do with their jobs it should raise an alarm. It all goes back to the idea of assuming you have been breached and looking for intruders to give themselves away. Layered security is the only way to do this.”

Infosecurity:

You Might Also Read:

Are Employees Your Weakest Link When It Comes To Security?:

Technology Can Not Diminish Insider Threats By Itself:

US Intelligence Agencies Fear Insiders As Much As Spies:

Safeguard Data When Employees Leave:

 

 

« Macron Hackers Linked To Russian Intelligence
Massive Ransom Attack Hits 99 Countries »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Kernelios

Kernelios

Kernelios is a simulator-based training center and an incubator for cyber experts worldwide.

Eperi

Eperi

Eperi is a leading provider of Cloud Data Protection (CDP) solutions with 15 years of experience in data encryption for databases, (SaaS) applications and files.

Halcyon Knights

Halcyon Knights

Halcyon Knights is a specialist executive search and IT recruitment agency in the APAC region. Areas of specialisation include cybersecurity.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Ackcent Cybersecurity

Ackcent Cybersecurity

Ackcent's mission is to help our clients to protect their critical digital assets by providing them with a portfolio of specialised professional services.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

ditno

ditno

ditno uses machine learning to help you build a fully governed and micro-segmented network. Dramatically mitigate risk and prevent lateral movement across your organisation – all from one centralised

Schweitzer Engineering Laboratories (SEL)

Schweitzer Engineering Laboratories (SEL)

SEL specializes in creating digital products and systems that protect, control, and automate power systems around the world.

NOW Insurance

NOW Insurance

NOW Insurance provides small business owners and other professional classes with a seamless purchasing experience for general liability, professional liability, and cybersecurity insurance coverage.

UTMStack

UTMStack

UTMStack is a Unified Security Management system that includes SIEM, Vulnerability Management, Network and Host IDS/IPS, Asset Discovery, Endpoint Protection and Incident Response.

MicroSec

MicroSec

MicroSec is a company specializing in IoT security. We focus on bringing enterprise grade security to IoT and embedded systems.

Netpoleon Group

Netpoleon Group

Netpoleon is a leading provider of integrated security, networking solutions and value added services.

Software Improvement Group (SIG)

Software Improvement Group (SIG)

Software Improvement Group helps business and technology leaders drive their organizational objectives by fundamentally improving the health and security of their software applications.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

Oxeye

Oxeye

Oxeye fills the gap between cloud and code to show exploitable vulnerabilities, and their path from API to code. More visibility. Less noise. More time to build.

turingpoint

turingpoint

turingpoint GmbH is a tech enabled boutique consultancy. It was founded by security experts with a focus on cyber security and software solutions.